To the consent extremists here - if you're a FastMail customer - have you gained consent from every one of your correspondents to share their details with FastMail?

They could know you use FastMail by resolving the MX servers, and confirming that their emails are going to FastMail. Do you believe you have the right to leave FastMail and take your email to a different email provider without confirming explicit consent from every person who's emailed you?

Because that's what we're talking about here. Is FastMail allowed to use a third party to send email on our behalf, having assessed that third party's privacy policy and confirmed that it's compatible with the privacy guarantees we offer to our customers? I absolutely MUST reserve the right to do that in the future, because the alternative would be placing unreasonable constraints on our ability to do our jobs by using third party tools if that's the best choice at the time.

If even a 70+ grandma can quickly pinpoint what the problem was in the situation made known to us by @ferrety (I actually tested this with one), I have no reason to suspect that you can't, so I see little point in dissecting strawmen and other hyperbole. I don't even know how this is supposed to relate to you sharing data the person had not shared with anyone.

People tend to draw a line between technical sharing, often essential to provide services to customers (hosting your servers at a provider like I mentioned, monitoring error reports like you mentioned, etc.), and sales/marketing/advertising-related sharing, which has acquired a bad name due to various unscrupulous actors abusing it and causing various problems to people whose information has been shared. Neither you nor I can do much to change this difference in perception, and I don't see how its existence can come as a surprise to you. Even if your selected survey company is the most honest one on Earth, using their services is hardly essential for providing services to your customers; and I think we've already established that you had the option to use them without disclosing email addresses, and elected to do what you did the way you did out of convenience, not real need.

You can bemoan "consent extremism" as much as you like, but you're likely still going to have to comply with the GDPR at least as far as your European customers go. I'm reasonably certain that what you did in this case runs counter to what you're allowed to do with personal information under those regulations, and people's email addresses are classified as personal information.

Quote:

What I have promised is that we will document which third parties we're using and inform customers in advance about which data is processed by those third parties. An example of a fairly recently added third party is that we're using a company called Sentry (sentry.io) to process and monitor error reports, allowing our dev team to more easily see clusters of errors and collaborate over fixes. Sometimes crash traces include usernames and other personal data, so we rely on their privacy policy about how they act as a data processor on our behalf.

The only alternative would be to become experts in everything and build everything in-house. Over time, that has become less and less tenable as we found we were spending a lot more maintaining our own half-baked tooling than it would cost to use a solution run by experts in that space. This is exactly the same way our customers use FastMail rather than running their own mail server and writing their own webmail system.

You "have promised" or are promising this now? I'm not saying you haven't, I just don't know where this promise has been made (not in this thread, as far as I can tell). I'm not in the habit of continuing to press for an answer that has already been given.

If there's something in your officially published policies that already covers the case of making people's log-in addresses available to third parties in marketing context, then I think you should probably highlight that section so people don't miss it. If you want to be your run-of-the-mill "we reserve the right to share everything we know about you with our partners so that we can make more money" company, that is obviously your choice. I, personally, would like your company more (and remain a customer longer) if I saw you giving all this a bit more due diligence. EDIT: I do actually appreciate the fact that you're going to document what you share, I just don't know why you have to frame this as a concession to "extremists" rather than simply a good idea in general.

To the consent extremists here - if you're a FastMail customer - have you gained consent from every one of your correspondents to share their details with FastMail?

They could know you use FastMail by resolving the MX servers, and confirming that their emails are going to FastMail. Do you believe you have the right to leave FastMail and take your email to a different email provider without confirming explicit consent from every person who's emailed you?

Because that's what we're talking about here. ...

I think that when any of my friends or other contacts gave me their email address they did so in the expectation that I would use it to send email to them and in return they could send emails to whatever address I gave them. Whether they are experts in email system infrastructure or not they surely know, as I do, that email itself is insecure and that the details of our messages and headers etc will be visible to many people (if they bothered to look) and computer systems en-route. I doubt that any such people care whose systems the emails are on. None of my friends bother to [PGP] sign let alone encrypt their emails, so they're obviously not that bothered.

I don't think that's what the issue is here.

I think you really haven't grasped how those of us who use the primary email address JUST as a login and never for sending email feel about that value being exposed. Don't get me wrong, knowing that I can change that value helps a lot.

Would you give a username for one of your internet banking accounts to anyone else? Would you be happy with a bank who gave such a username to a survey company?

I /do/ get newsletters from you, and enjoy reading them. But you send those to my 'secondary contact' email address, not the primary one, thank goodness.

I do not think I am a consent extremist. However, passing my account information to a survey company (whether for money or other benefit) is something I would expect the ability to explicitly allow or disallow. That is exactly the kind of company I do not wish to have my private data unless I have vetted them myself. Your assurance that you found their declared privacy policy to be acceptable is not sufficient. You have elected to risk my private data because it saves FastMail money and resources.

Possibly leaking some data accidentally to a service whose main business is not about data collection and marketing is a totally different matter. There, it would be nice to know the services you use and how you use them, but they do not really concern me.

To the consent extremists here - if you're a FastMail customer - have you gained consent from every one of your correspondents to share their details with FastMail?

I don't know what's more disturbing about that statement, the arrogant dismissive attitude toward your own users who have a legitimate complaint, or the fact that you still just don't get it.

I have my own domain and I use Fastmail for its email-hosting. I ONLY give out email addresses based on my own domain. I NEVER give out my @fastmail.com address. That one I keep strictly private and use it only as my Fastmail login username. I have never consented to anyone having that email address but you have taken it upon yourself to give it to a third party against my wishes and invalidating that extra bit of security I had in place. And then you post demeaning responses to the people who complained about it.

...but the point here is that the OP's email address/ID was given to a 3rd party without his/her consent which is a breach of trust that I find quite disturbing. ...that Brong doesn't (appear to) understand this - as the CEO of FM - is even more troubling.

I don't understand the issue here. When you create an account with Fastmail, you agree to their Terms of Service and Privacy Policy. The Privacy Policy clearly states that, among other things, Fastmail can share your personal information with third parties who help them manage their business and deliver services. A company running an internal survey for them fits well within "third parties who help the company manage their business".

Maybe this is a topic for a different thread, but it seems to me there is a lot of hype around GDPR being generated by companies that stand to gain some business by supplying compliance services to other companies. For example, here in the USA a very small, very local nonprofit I work for received urgent notices from several tech suppliers about all sorts of things we must do immediately to be in compliance, yet my reading of the GDPR indicates we would be exempt. We don't solicit anyone in Europe--in fact we don't really do it outside of our state. As far as I can tell we do not have a single person in our database based in Europe. But, just assume that someone for some reason decided to send us a check from Europe. That would instantly put us in non-compliance, if what I read is correct. So, how or why would European regulators bother to go after us? We are totally based in the USA, with no operations of any sort outside the USA. It seems like some are implying that we are still required to comply with EU law, which I can guarantee you probably 90% of USA companies do not and probably will not. Nonprofits here in the USA are probably 95% non compliant. For those in Europe, imagine if the USA passed a law that said anyone who wants to sell anything into the USA must now register as a US company, or some other silly law like that. Imagine the uproar!

I have been a Fastmail customer for a number of years. Needless to say, I'm rather disturbed at the allegations made in this thread, even though I personally never received any surveys.

Like others who have posted on this thread, I use my login strictly for ... just that: logging in. I get ZERO emails sent directly to my login. All of my "public" emails are aliases, which can be deleted or filtered as necessary.

Isn't not having your info made public the whole point of choosing Fastmail (or for that matter, any of the other privacy-oriented services) over something like G-Mail?

I don't know if this is easily accomplished, but if FM is going to do customer research, then why not find a way to "anonymize" the data so that the survey company never sees the actual logins? I would become "customer 12345", for example.

As for my trust in third parties... let's just say that I remain skeptical.

Let's hope they have learned from their mistakes, and can move forward.
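
Added example, not part of the thread and not FastMail's code: one way to do the "customer 12345" idea from the post above, where the provider mails the survey link itself and the survey company only ever sees a keyed token. The key handling, the `survey.example` URL and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a per-survey secret generated and kept by the mail provider only.
SURVEY_KEY = secrets.token_bytes(32)
SURVEY_URL = "https://survey.example/s/"  # hypothetical vendor link prefix

def pseudonym(login: str, key: bytes) -> str:
    """Keyed token for a login. A plain hash would not do: logins are
    guessable, so anyone could hash candidate addresses and compare."""
    norm = login.strip().lower().encode("utf-8")
    return "customer-" + hmac.new(key, norm, hashlib.sha256).hexdigest()[:20]

def build_invites(logins, key):
    """Return (invites, lookup).
    invites: login -> survey link, mailed by the provider itself.
    lookup:  token -> login, stored in-house and never exported."""
    invites, lookup = {}, {}
    for login in logins:
        norm = login.strip().lower()
        token = pseudonym(norm, key)
        if lookup.setdefault(token, norm) != norm:
            raise ValueError("token collision; lengthen the token")
        invites[norm] = SURVEY_URL + token
    return invites, lookup

def vendor_view(invites):
    """Everything the survey company receives: opaque tokens only."""
    return sorted(link.rsplit("/", 1)[1] for link in invites.values())

def reidentify(responses, lookup):
    """Join the vendor's (token, answer) rows back to logins in-house.
    Tokens that were never issued are ignored."""
    return {lookup[t]: a for t, a in responses if t in lookup}

if __name__ == "__main__":
    # Constructed sample logins, not real accounts.
    logins = ["alice@example.com", "Bob@Example.com "]
    invites, lookup = build_invites(logins, SURVEY_KEY)
    tokens = vendor_view(invites)
    print(tokens)
    answers = [(tokens[0], "satisfied"), ("customer-forged", "spam")]
    print(reidentify(answers, lookup))
```

Discarding the key and the lookup table once the survey closes leaves the vendor's data set with no path back to a login.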